package com.raja.requestForwarding.filter;

import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**配置过滤器;目前只做设置跨域的设置
 * Created by liuyanjun
 * on 2017/4/5.
 */
public class AuthenticationFilter extends OncePerRequestFilter {
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
//        String url = request.getRequestURL().toString();
//        String urlStr = "login";
//        // 从session中获取登录者实体
//        Object _loginUser = request.getSession().getAttribute("_loginUser");
//        if (_loginUser == null) {
//            String path = request.getContextPath();
//            String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
//            String strUrl = url.substring(url.indexOf(path) + path.length(), url.length());
//            if (!strUrl.equals("/" + urlStr)){
//                basePath = basePath + urlStr;
//                response.getWriter().write("<script>window.location.href='" + basePath + "';</script>");
//            } else {
//                filterChain.doFilter(request, response);
//            }
//        } else {
//            filterChain.doFilter(request, response);
//        }
        // 针对iframe 的设置  ALLOWALL 运行所有网页   SAMEORIGIN 允许本域名的网页  DENY 拒绝所有
        response.setHeader("X-Frame-Options", "ALLOWALL");
        filterChain.doFilter(request, response);
    }
}
